Nov. 1, 2008 European researchers are developing the world’s first optical firewall capable of analysing data on fibre optic networks at speeds of 40 gigabits per second. Their work promises to save the internet from the looming threat of network security bottlenecks.
As demand for data-intensive services, such as video-on-demand and online gaming increases, telecommunications providers are expanding the high-speed fibre optic networks that form the backbone of the internet. But while network performance has improved, the electronic processes and algorithms used to filter data for security threats are struggling to keep pace.
With demand for data-intensive services only likely to intensify further in the future, bottlenecks seem inevitable unless security processes can be implemented at optical network speeds.
“The amount of data being transmitted can and will get much higher as data-intensive services become more commonplace,” says Graeme Maxwell, the vice-president for Integration Technologies at CIP Technologies in the UK.
“Even with mobile phones, the data sent over 3G networks ends up on a fibre optic cable very quickly, in as little as two or three hops... It’s the data analogy of many little streams quickly feeding into a river and causing a massive flood.”
Add to the growth of wireless communications the expansion of fixed-line and cable broadband services in homes and offices, and, according to some estimates, traditional electronic security processes will soon be unable to cope.
“There is a real need for an optical security solution – and that is what we are developing,” Maxwell says.
Working in the EU-funded WISDOM project, Maxwell leads a team of researchers who have demonstrated novel optical circuits capable of searching for and identifying target data patterns at wire speeds of 40Gb/s – the fastest data rate of current commercial networks. Using custom algorithms, their groundbreaking optical firewall looks for patterns in the header content of data packets (the part of the data containing information about the sender, recipient and format) to single out possible viruses, attacks or other threats.
“Our goal is not to replace electronics with optics but to complement existing security processes,” Maxwell notes.
Filtering threats optically
The WISDOM firewall acts as a kind of primary, high-speed filter that routes suspect packets to electronic processes for further analysis. It is able to carry out optical packet recognition, interrogation and manipulation of data streams incorporating features of parity checking, flag status, and header recognition. And, because there is no optical equivalent of electronic memory, the entire process has to be carried out on the fly.
Described as an “optical firewall on a chip”, the system is built on a state-of-the-art hybrid integrated photonic technology platform developed by CIP in which silica-on-silicon circuits form an optical equivalent of an electronic printed circuit board (PCB). Much like a PCB can host different electronic components depending on its intended use, different optical and optoelectronic components can be fitted to the optical circuit board, resulting in a cost-effective and scalable solution.
The hybrid boards can also be fitted with components fit for other uses, with the WISDOM project partners foreseeing applications in sensor systems, avionics, data transmission and optical processing, as well as network security.
“Think about all the applications for today’s electronic PCBs – they are everywhere! Optical boards could have a similar range of uses in the future,” the project coordinator says.
Indeed, Maxwell expects the first commercial application of the boards to be for data transmission over fibre optic networks, with their implementation for network security likely to follow within the next five years.
“The WISDOM project is demonstrating the functionality of an optical firewall, hopefully to the point where we can bring additional manufacturers onboard in a follow-up project,” Maxwell says.
He admits that the idea of an optical firewall is still a new concept to many in the network security sector.
“There are barriers to its acceptance that need to be overcome,” he notes.
However, having survived the bursting of the dot.com bubble eight years ago that led many research groups trying to develop optical security solutions to disband, the research team, which launched the WISDOM project in 2006 with funding from the EU’s Sixth Framework Programme, are well placed to rise to the challenge.
And, with the recent boom in data-intensive services, their solution is likely to be in high demand.
Other social bookmarking and sharing tools:
Note: Materials may be edited for content and length. For further information, please contact the source cited above.
Note: If no author is given, the source is cited instead.